CVE-2021-26109

An integer overflow or wraparound vulnerability in the memory allocator of SSLVPN in FortiOS before 7.0.1 may allow an unauthenticated attacker to corrupt control data on the heap via specifically crafted requests to SSLVPN, resulting in potentially arbitrary code execution.
References
Link Resource
https://fortiguard.com/advisory/FG-IR-21-049 Patch Vendor Advisory
Configurations

Configuration 1

cpe:2.3:o:fortinet:fortios:7.0.0:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*
cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*

Information

Published : 2021-12-08 01:15

Updated : 2021-12-09 08:52


NVD link : CVE-2021-26109

Mitre link : CVE-2021-26109

Products Affected
No products.
CWE